If that lookup fails, then an IPv4 lookup is performed. Now when you try to login the URL ends up: proxy.library.school.ca/login?qurl=http://www.someurl.org With this bit of a change the cert checks out and as it doesn't hit the third level of domain EZproxy V5.7.44 If you are not yet ready to upgrade to V6.x at this time, OCLC recommends that you upgrade to V5.7.44 for security reasons. If you import this certificate manually and are using proxy by port, you will receive no errors, do not need this option, and can stop reading here.

Gavin Spomer Systems Programmer Brooks Library Central Washington University You are currently subscribed to ezproxy as: [emailprotected]. Search Support & Training Contact OCLC Support System Alerts Librarian's Toolbox Bibliographic Formats and Standards Directory of OCLC Libraries System alerts Online Service Center More » Product Support Training Software & If you are using Proxy by Port, you do not need a wildcard certificate. EZproxy V6.0 will have the same SSL/TLS settings as V5.7.44.

However, it will not do any harm if you leave it in those stanzas that already have it. Note: Special configurations in LogFormat and LogSPU are necessary to record BOTH session ID and username. EZproxy V6.1 will be built with OpenSSL V1.x, and we plan to support TLS 1.1 and 1.2 with this build. Use IfCity, IfCountry, and IfRegion statements in the user.txt file to restrict access from countries where your users should not be accessing EZproxy.

Additional information about this release can be found on the EZproxy Release Notes page. You do not need to modify your configuration files to run EZproxy V6.0 in IPv4 mode. and its affiliates This site uses cookies. If you have not yet obtained a WSKey, you will need to request one before downloading the newest version of EZproxy as keys obtained prior to EZproxy V6.0 will not work

Bug Fixes EZproxy incorrectly suspended users who had not surpassed the Usage limits set in config.txt. to the front of its name, which can eliminate the browser warnings DURING LOGIN ONLY. Upgrading EZproxy to V5.7.44 or V6.x will resolve this problem as SSL 3 is disabled by default. If this directive is specified, then the DNS lookup is performed for an IPv6 address.

Any stanzas that previously required the directive Mimefilter json to be added will no longer require this statement. Date Index Thread: Prev Next Thread Index To explain "Option IgnoreWildcardCertificate", consider the EZproxy server named ezproxy.yourlib.org. First place to look: messages.txt If EZproxy is noticing any issues, it will record error messages to the messages.txt file. New Option IPv6 directive This directive is a position-independent directive in config.txt that specifies the default network lookup order for DNS addresses.

This certificate is capable of matching ezproxy.yourlib.org, which means that it is capable of acting like a "purchased regular" certificate. Mary's Gate Sheffield S1 4LW GB T: +44 (0)114 267 7502 T: 0845 267 7502 (local rate) E: Support is available between the hours of 09:00 and 17:30 (UK Time). and its affiliates This site uses cookies. Beyond the extremely large Linux log file, this error can also occur when some privacy products interfere with the login process.

If you are using Network Address Translation (NAT), you should verify that your external address matches the DNS entry, and that the external address is properly mapped to the internal address Additionally, cookies that do not specify the domain will not work. We have an improvement planned that will add an option, Option ForceWildCardCertificate, to tell EZproxy that the certificate is a valid wildcard certificate. If there are any inconsistencies in the information returned by the script, contact your network administrator to resolve this issue.

Does anyone have any > suggestions? > > I just inherited EZProxy, have no training, and apologize in advance if > my question is extraordinarily stupid. > > > Thanks, > See EZproxy Changes Archive for all changes made prior to V6.0 (through V5.7.44). The new, default SSLCipherSuite string is: HIGH:MEDIUM:!ADH:!aNULL:!LOW:!EXP:!SSLv2:@STRENGTH EZproxy V6.0.8 was built with libxml 2.9.2, which resolves the “billion laughs” security issue. The SourceIP directive was not working correctly in V6.0; this problem has been resolved, and it now works correctly.

EZproxy currently does not use the SAN field when looking for domains. If you receive the same error, then you need to contact the vendor to add the IP address of your EZproxy server to your account. A record of each failed attempt will be recorded in your Audit log if you have Audit Most configured. Location When used in combination with Audit Most, this directive enables Directive Description LoginPortSSL This directive enables you to specify the port on which EZproxy should listen for incoming login, menu, and administration requests using https.

It is the best piece of software for connecting off campus users to Library resources. By continuing to browse the site, you are agreeing to our use of cookies. Find out more. SSL error: Couldn't set ciphers 4149184192:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command:ssl_ciph.c:839: 2015-06-17 11:25:24 EZproxy process 12839 exited abnormally, status=1 2015-06-17 11:25:24 EZproxy process has failed to start.

Each time you retest, you should: Close all browser windows Relaunch your browser Clear your browser cache Connect to the database and retest 0. May > Oklahoma City, Oklahoma 73159 > 405.682.7564 > > --- > You are currently subscribed to ezproxy as: [email protected] > To unsubscribe send a blank email to [email protected] > --- For more information, see How to Request a WSKey. This problem has been resolved. 2015-01-28 EZproxy changes for Version 6.0 Download EZproxy V6.0 here.

This rule would have the following impact: Condition/Action Result IfCountry AS; If a user is coming from the country “AS” determined by their IP address Audit Denied Non-US Access; Record the If I had to guess (and that's what I'm doing), I would be willing to speculate that: your user has bookmarked a session at a remote service which has expired and Some features of this site will not be available. For more details about what version of TLS is currently supported, please see the Release Notes.

The following are some of the config.txt directives that now support the specification of IP addresses: AutoLoginIP DNS IncludeIP IntruderIPAttempts Location ExcludeIP Referer This is done to ensure that only you can edit your e-mail preferences. Place it within a database definition stanza, after the Title statement, for it to take effect for that stanza. RSS Feeds Monitor product information from your newsreader or RSS-enabled Web page Listservs Peer support and discussion System Alerts 14 October 2016, 01:18 AM Eastern Daylight Time, North America [UTC -4]

If the problem persists or you are unable to get into any of our databases, please notify the library immediately via the feedback form. As long as everything looks correct, edit your config.txtfile and look for any lines like: MV 200 MaxVirtualHosts 200 (MV is an abbreviation for MaxVirtualHosts). Host Maintenance does not appear in all versions of EZproxy, so if you are using an old version, you may not find this option. Max Virtual Hosts Error Error Codes ar...

SOLUTION Some databases might function better in another browser when using the proxy server. and its affiliates Skip to main content Schools & departments Search: Search Information Services Information Services MenuInformation Services homeLibraryUsing the LibraryAccessing e-resourcesHow to access e-resources Who can use e-resources? Within this database's section of the file, the following link must be added: Host www.somesite.com This occurs when vendors change their server locations or d...

I get email alerts from journals and I can't use the links to access articles. Within this database's section of the file, the following line must be added: Host www.domainname.com The EZproxy server must then be restarted to make this change take effect. I get email alerts from journals and I can't use the links to access articles. EZproxy gives this error to all remote users If all remote users receive this error, you should start by verifying your DNS entry for your EZproxy server. ...

Proxying (in General) is possible because EZproxy acts like a simple web browser and faces the database. I'm at another institution and cannot access the databases, why not? If you are able to log into EZproxy, you should be able to use the information at EZproxy Administration to create an administrative account and log into your EZproxy administration page When a browser requests a document, it often says "give me this page, unless it hasn't been modified since this date that's on a copy of...